August 2009 report

Two issues I keep reading about a lot lately are Snow Leopard's and IE8's malware detection. I wish people were making more of a deal about WPA-TKIP being broken.

*Snow Leopard's malware detection*

Well, many journalists are making such a big deal about the fact that Snow Leopard only scans for 2 trojans right now. But Apple says it will be updated via software updates, so the number will increase.

Not being Apple-literate by any means, I was impressed by the fact that they now have a built-in file quarantine capability. I had recently read that it was a simple improvement to 'file quarantine', which had been put in earlier. Now if it would allow for isolation of processes, I would be happier with it. Maybe it already does and I am just plain ignorant.

Anyway, it sounds like Apple is on the right track. Even though they seem to be doing a catch-up instead of being innovative, and some people call Snow Leopard more of a Service Pack than a new OS, it sounds like a useful improvement nonetheless. I would not use a Linux before 2.4 or a Windows before XP Service Pack 2, and I doubt if Mac people will use anything before 10.6 (OSx.vi?).

*IE8's malware detection*

A report that keeps cropping up is that IE8 detects socially engineered malware better than all other browsers. Well, in the reports I've seen, I haven't seen a link to the original report yet. But I have seen claims that Microsoft paid for said report, which only tests for a narrow subset of malware: that which is "socially engineered". We tried to be fair to Apple, so let's be fair to Microsoft.

The hiding of the original report sounds more like the deficiencies of a few lazy journalists who refuse to double-check and report on their sources. This may not be Microsoft's fault. It is possible they had their hand in enough pockets in the online journalism world, but as of yet I have seen no proof.

The concern that Microsoft paid for said report is probably true, but that is how many organizations seem to work. You pay to get 'certified' by organization x. When I realized this is how Common Criteria works, I took their EAL ratings with a huge grain of salt. But while it probably skews the results, it doesn't prove any foul play.

"Socially engineered" malware is not the only malware out there, but at least they were honest about this detail. They could have hidden it deep in the details or left it out completely. Besides, "socially engineered" is a threat that needs to be detected, and both false positives and false negatives would be common here.

All of that said, I think the paper as reported is much less valuable than headlines claim and the articles themselves are bad journalism at best.

*broken WPA*

Another one bites the dust.

It doesn't seem that long ago that WEP was considered to be ultimately secure. When it was broken and software to automate the task was written, people started pointing to WPA-TKIP for any wireless network that required significant security. But now WPA-TKIP has been broken, so people are pointing to WPA-AES instead. Now how long before that is broken?
